WannaCrypt Ransomware Attacks – Could They Attack Application Containers?
“WannaCrypt ransomware attacks should make us wanna cry” is the CNN news headline for the world-wide ransomware attack which started last Friday (5/12). The data clearly showed that this was a very serious network attack: more than 20 hospital IT systems (Britain’s NHS had to cancel surgeries), more than 100 countries, large enterprises like Spanish firms Telefonica, Germany’s main train operator Deutsche Bahn, Russia’s Interior Ministry, China’s universities and gas stations…
So from security point of view, here are some interesting observations:
- Public clouds are doing a better job of security in this case. WannaCrypt is basically attacking Microsoft windows vulnerabilities on SMB, RDP, IIS service ports like 445. Thousands of computers became victims. But a lot of public cloud providers are blocking unnecessary ports 445/137/138/139 already by default, so the virtualization technologies and network segmentation naturally helped to reduce these risks.
- Internal security has become more and more important. One of the main reasons why the WannaCrypt ransomware attacks are spreading so fast is because there are fewer security protections in place for internal networks. Starting from a compromised laptop or internal VM, port scanning and attacks spread by east-west (internal) traffic. Even if gateway firewalls have the proper rules they can’t do anything for east-west traffic because they are typically deployed for north-south (external) traffic.
Read the entire article here, WannaCrypt Ransomware Attacks – Could They Attack Application Containers?
via NeuVectdor.
White Papers
‘All You Need to Know About Microsoft Windows Nano Server’ Veeam White Paper
Now updated for Windows Server 2016 GA release! You probably heard about Windows Nano Server already … but what is it exactly, and how do you get started with it? What value will it bring to your environment? Nano Server is a headless, 64-bit only deployment option for Windows Server 2016. Microsoft created this component specifically with […]
Share this:
‘The Citrix Administrator’s Guide to Citrix ICA/HDX’ White Paper
‘The Technical Guide to Migrating from Citrix 6.5 to 7.x and Replacing EdgeSight’ White Paper
Complete Guide to Understanding the Citrix Logon Process
‘Securing IGEL OS Endpoints’ White Paper
‘Managing Java Application Performance in a Citrix Environment’ White Paper